Connect to Port 53: Join the DNS Hackathon 2023

Hackathons provide a great opportunity to meet others in your field and outside it, and to exchange knowledge and experience with people other than your everyday colleagues.

We aim to develop new tools, ideas, experiments, measurements and possible solutions all revolving around the DNS - because it's always DNS isn't it! :D

We will do this by bringing people together from different communities, sharing all the work openly and, most importantly, by having fun!

Hackathon information

Important Dates and Deadlines

• 28 Feb - Applications open
• 23 March - Application deadline
• 30 March - First round acceptance letters sent
• 11 May - Introductory webinar for hackathon participants
• 20-21 May - DNS Hackathon 2023 in Rotterdam
• 22-26 May - RIPE 86 takes place in Rotterdam

Apply now for the DNS Hackathon 2023

Selection process

We are looking for participants who are passionate about the DNS from the lowest protocol level up to the highest application usage, and who are interested in everything around developing, measuring and securing DNS-related tools and applications.

That means we are looking for people from a variety of backgrounds, including those who might not work directly with DNS and still want to contribute. We also need network engineers, users, designers, students, documentation writing volunteers, and enthusiastic beginners!

The event has a limited number of seats, therefore we have to find a way to choose participants. Instead of going for "first come, first accepted", we want to be able to create the most diverse group consisting of:

• Beginners and experts
• Developers and designers
• Hackers and engineers
• C, Python, Perl, Rust, Go etc ;-)
• A diverse range of nationalities, cultures and genders

The Programme Committee and Organisation Team will use your application information to make a choice based on:

• Your motivation
• Experience and skills
• A limit of two people from the same organisation

Venue and travel

The hackathon will take place at the same venue as RIPE 86. The hackathon is free of charge - there is no fee to pay, and food and drinks will be provided throughout the event on both days.

The organisers will not be making any travel or accommodation arrangements for the participants. Please be aware that Rotterdam is a popular tourist destination, so accommodation might be difficult to find if you do not plan this in advance.

Public transport is very efficient, though, so staying further away from the city centre can be a good option.

If you need to apply for a visa, RIPE NCC may be able to offer assistance in the form of an invitation letter - please see the RIPE 86 website.

Hackathon social

On the first day, Saturday, 20 May, we will have a social event with dinner for all participants. More information will be provided closer to the hackathon date.

Hackathon Challenges - Are You Ready?

Participants will work in small teams during the hackathon. In order to help you come up with or select a challenge/project/task to work on, we're suggesting the following themes:

• Sustainability,
• Security and Privacy
• Sovereignty

You can also suggest your own project when applying or specify that you wish to work on one of the project ideas below. And please specify if you need any specific resources, such as cloud computing, data repositories etc. Access to RIPE Atlas will be provided.

Sustainability

The sustainability theme focuses on the long-term ecological, economic and social impact of an activity. For this DNS Hackathon, we're looking specifically at the operation of a DNS service and how it relates to sustainability, and in particular to the environmental impact, for example: direct or indirect carbon emissions, energy consumption, etc.

How green can you make the DNS? Is it even possible to calculate the emission of a DNS query?

Project ideas:

• Compare carbon footprint of various SaaS DNS (software-as-a-service, a.k.a. "managed DNS") providers based on what can be learned about both their edge and core computing.
• Figure out potential cost/savings from moving to DNS-over-QUIC based on the extra computing required, and also the smaller need for overcapacity.
• Redesign the DNS packet format and build some benchmarks comparing performance versus existing format.

Security and Privacy

There is a long history of how DNS can be (mis)used to target victims, of which cache poisoning is one of the most well-known. DNSSEC is designed to counter this attack vector, but adoption is still relatively slow and the classic vulnerability is still exploited in attacks. With privacy enhancements to the DNS, more encryption is used in DNS transactions between client and server, making eavesdropping impossible (or more difficult). Alternatively, DNS data can be used for detection and incident analysis such as providing insight into sources and patterns of, for example, botnets used for DDoS attacks.

The security and privacy theme can examine: what the impact of these recent developments on DNS and DNSSEC security has been on robustness and the resilience against (unintentionally) participating in DDoS attacks; what new information models and analytical methods can be used to provide this kind of insight into security incidents or ongoing attacks.

Project ideas:

• Privacy (-obeying) techniques in DNS monitoring and data collection (for devops and intelligence collection).
• DNS data and analysis for threat intelligence and mitigation/protection.
• Using RIPE Atlas probes to analyse interception and injection by middleboxes for queries sent to the DNS authorities. This RIPE Labs article by Qasim Lone might be helpful.

Sovereignty

Increasingly emerging in the context of geopolitical governance, the term sovereignty is the effort by a governing entity, such as a state, to set boundaries on a network and then exert some form of control, often in the form of law enforcement across such boundaries. Infrastructure is becoming more centralised, for convenience (outsourcing of non-core activities) and for economies of scale.

The sovereignty theme can examine whose infrastructure you rely on, under what jurisdiction a service is offered and, in the event of international tensions, whether the service could be interrupted and what the impact of that would be.

In the EU region, we should think of national and EU/regional sovereignty and their interdependence. For privacy reasons, this has also become an important topic as EU law and protection of the privacy of EU citizens requires strict monitoring of what data is collected by major technology companies and whether their (non-EU) companies comply with the GDPR.

Project ideas:

• Review of dns0.eu traffic versus their claims, and how this compares with Quad9 privacy claims/guarantees.
• Domain name centralisation using open data such as OpenIntel and others.
• Analyse open source vulnerability history, the implications of the EU Cyber Resilience Act and the Software Bill of Materials, and propose some mechanisms that would improve vulnerability patching.

Bring your own idea!

Are you interested in other topics related to the DNS? Feel free to bring your ideas, concepts, or prototypes to the event as well!

Project ideas:

• Incremental (or complete... hey why not?) work towards resolverless DNS.
• Compare returning GeoIP-based NS vs. anycast solutions, possibly with modelling/simulation.
• Reproducing (or not) of already published DNS research.

Hackathon format

This hackathon is:

• Non-commercial; we (DNS-OARC, Netnod, RIPE NCC) are hosting this hackathon as a not-for-profit event and give no monetary prizes
• All resulting software, tools and documentation will be released under non-commercial licenses
• Non-competitive; we prefer cooperation and teamwork

To learn more about similar kind of hackathons, read about our previous hackathons on IoT and DNS!

Before the event

Applicants can use the collaborative tools to help plan shared work. We will also organise a webinar to explain the process, introduce the available tools and proposed projects for participants a week or two before the event.

If you need help planning the shared work, or if you are struggling with ideas, don’t hesitate to contact the Programme Committee via: dnshackathon2023 [at] dns-oarc [dot] net.

During the event

The venue will be open for work/play times for the event, between 9am and 6pm. On Saturday we will go out for a social dinner.

In addition to already proposed challenges, participants are encouraged to propose projects they wish to work on, either completely new ideas, or existing projects.

Participants will work in small teams, with each team focusing on a chosen project, idea or challenge. Teams can form in advance, using the provided collaboration tools, or at the beginning of the hackathon. All source code developed during the hackathon will be publicly licensed and available on GitHub, and accessible for the entire community to use. A variety of goodies will be provided for participating.

Since we want to focus on collaboration and not on competition, there will be no single prize winner. We will showcase all achievements during the closing session. Several projects will be awarded symbolic prizes in a few different creative categories.

After the Hackathon

Since this event is very short and for the sake of continuity, all projects will be documented on GitHub, and the teams will be encouraged to stay in touch with each other.

An overview of the hackathon results will also be presented at the DNS working group during RIPE 86 and it's possible that the working group chairs will invite one or more teams to give a more extensive presentation about their work.

We will have an online recap meeting within a month of the hackathon, and we will be planning follow-up events where we can meet again and continue our work together.

Apply now for the DNS Hackathon 2023

Organising Committee

• Jerry Lundström, DNS-OARC
• Johanna Eriksson, Netnod
• Vesna Manojlovic, RIPE NCC

Programme Committee

• Vicky Risk, ISC
• Benno Overeinder, NLnet Labs
• Moin Rahman
• Shane Kerr, NS1
• Moritz Müller, SIDN Labs
• Yazid Akanho, ICANN
• Qasim Lone, RIPE NCC

Co-hosts

• DNS-OARC
• Netnod
• RIPE NCC

Sponsors

• SIDN
  SIDN manages .nl, the Netherlands' ccTLD, with more than 6 million domains. SIDN also develops and delivers services and solutions for easier and safer connected living. Research team SIDN Labs supports those activities by devising new technologies and systems that increase the stability and security of .nl, the DNS and the internet infrastructure. Directly and through SIDN Fund, SIDN is also involved in social initiatives to promote use of the internet and address its side-effects.
• NLnet Labs
  With a dedicated team of sixteen full-time employees, the NLnet Labs foundation develops free, liberally licensed, open-source software for DNS and BGP routing. We also perform research, develop standards and support the Internet community. This work is 100% funded by the Internet industry though donations, support contracts and paid feature development.
• ISC
  ISC is a non-profit organisation founded in 1994 to help sustain critical functions on the Internet with open source software and services. ISC publishes and maintains two open source infrastructure applications, the BIND 9 DNS and the Kea DHCP server software. ISC also operates the F-Root system, one of 13 root systems that anchor the Internet's DNS system.

Do you wish to sponsor this event or have any questions?
Please contact dnshackathon2023 [at] dns-oarc [dot] net

The original version of this article was published over on the Netnod blog.